Crucial Guidelines on MSP Security from the WannaCry Ransomware Attack

There are numerous security threats to commercial networks, so MSP security has become crucial for businesses and organizations. One of the most prominent dangers to computers in these setups is malicious software. In general, if the IT systems in an enterprise are exposed to malware, the company could lose their data permanently. The hackers could extort money or sell the information. In some cases, confidential data could be exposed, compromising the company or its customers and executives.

Unfortunately, it is not unusual to find a managed service provider or technician without the proper tools, techniques, and measures for protection against malware. The WannaCry ransomware attack provides evidence of the poor IT security practices. The worldwide issue was caused by a cryptoworm which was designed to target Microsoft Windows. The malware encrypted the data after infecting systems and a ransom was required in form of Bitcoin to allow decryption of the files. Numerous countries and companies were affected.

While the huge wave of the WannaCry attack is over, there are important guidelines that you can derive from the incident as an MSP:

Upgrade the Operating Systems

Upgrading the operating system is an obvious practice that security experts should understand and maintain. This process not only allows you and your clients to keep up with the times, but it also provides an extra layer of security against malware attacks. When the WannaCry worm was released, the systems which were at high risk were those running old versions of Microsoft Windows. For example, Windows XP is not a currently supported platform because it is outdated. Operating systems should be updated regularly to avoid the vulnerability to malicious attacks. When a new version of an operating system is released, discuss upgrades with your clients immediately.

Install Security Patches

The WannaCry worm took advantage of a vulnerability known as EternalBlue in Microsoft Windows. Microsoft had discovered the threat to security earlier and taken measures to ensure that the OS users were not compromised. Two months before the initial attack, a security patch was released. A bulletin was released explaining the flaw and announced the release of the patch. The most important lesson that you can derive from this incident is that security patches are crucial. As an MSP security expert, you should be aware of available patches for the software used in your company and by your clients. Install the patches as soon as possible and prioritize those designed to increase security.

Understand Industry Problems

When you are engaged as an MSP, you should dedicate time to understanding the current news in the industry. Ignorance is a major vulnerability and it is not a good defense during or after a disaster. You should keep your eyes and ears open if you want to provide optimal security. Know the current dangers for commercial networks and the different ways to protect against the risks. You should be aware of common viruses and fixes, social engineering attacks and even hackers targeting businesses similar to your clients’. This will help you prepare with efficiency.

Establish Multiple Security Measures

You should invest in good IT security tools for your business and your commercial customers. Some unreliable technical support companies install a single measure to cut the expenses. For example, they might setup antivirus software on the network and decide that it will be sufficient. This practice leaves the network vulnerable to multiple threats which can bypass the weak measures. For optimal security, you should cover all your bases. You should install good firewalls and web filters to protect against the internet. The email applications should also be able to flag suspicious messages to prevent phishing. The networks should also be monitored for unusual activity.

Finally, when dealing with MSP security, you should remember that proper preparation against threats is cheaper and easier than dealing with the consequences.

Crucial Guidelines on MSP Security from the WannaCry Ransomware Attack was last modified: August 31st, 2017 by Herbert Olitsky